Question

SOAP不是我的朋友之一，所以请允许我请求帮助。

我有一个创建SOAP消息的请求，以便将数据发送到外部服务。它必须经过身份验证并通过证书签名。

贝娄表明它应该是什么样子 - 这是标题的一部分 - “安全”。

请让我问 - 这些哈希是什么，我能得到它们吗？（它们在代码中用** **“突出显示”）

非常感谢任何回复，非常感谢。

亲切的问候

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
   <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-536E4AA6BF962CA97613699845428011">**MIIE+TCCA+GgAwIBAgIKPs365QAAAAAASjANBgkqhkiG9w0BAQUFADBDMRIwEAYKCZImiZPyLGQBGRYCc2sxFTATBgoJkiaJk/IsZAEZFgVzZmVyYTEWMBQGA1UEAxMNU2ZlcmEgVEVTVCBDQTAeFw0xMjEwMDgwOTM3NTBaFw0xMzEwMDgwOTQ3NTBaMIGSMQswCQYDVQQGEwJTSzERMA8GA1UECBMIU2xvdmFraWExEzARBgNVBAcTCkJyYXRpc2xhdmExFTATBgNVBAoMDHNmw6lyYSwgYS5zLjEMMAoGA1UECwwDw5pWMRgwFgYDVQQDEw9TZmVyYSBURVNUIFVzZXIxHDAaBgkqhkiG9w0BCQEWDWluZm9Ac2ZlcmEuc2swgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCMcBeOT8b3Wi3ihpThlU9i12lKAcOx3GPkrey1YN2UmT15Um1bctC1eUkDCS8NCsoenwTk5gFNgZjqX+F3+sdPQVUglNo7iU2/nMZ7gpRFgrgIDrBo/fomkx7hICMShqR5+YiX1KIz90bCbmpmus72/bd+7XKEsRzli4OIx7ztAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBPAwRAYJKoZIhvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBSDjG5Fmw2UFu9ZqT4OzHpqnGp6dzATBgNVHSUEDDAKBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTovJSLWZlneg/1zyJnGHLikgHnzTCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhj9odHRwOi8vdi0zMTAwMC1zci0yazMuc2ZlcmEuc2svQ2VydEVucm9sbC9TZmVyYSUyMFRFU1QlMjBDQS5jcmyGPWZpbGU6Ly9cXHYtMzEwMDAtc3ItMmszLnNmZXJhLnNrXENlcnRFbnJvbGxcU2ZlcmEgVEVTVCBDQS5jcmwwgdgGCCsGAQUFBwEBBIHLMIHIMGMGCCsGAQUFBzAChldodHRwOi8vdi0zMTAwMC1zci0yazMuc2ZlcmEuc2svQ2VydEVucm9sbC92LTMxMDAwLXNyLTJrMy5zZmVyYS5za19TZmVyYSUyMFRFU1QlMjBDQS5jcnQwYQYIKwYBBQUHMAKGVWZpbGU6Ly9cXHYtMzEwMDAtc3ItMmszLnNmZXJhLnNrXENlcnRFbnJvbGxcdi0zMTAwMC1zci0yazMuc2ZlcmEuc2tfU2ZlcmEgVEVTVCBDQS5jcnQwDQYJKoZIhvcNAQEFBQADggEBACjmO/Yz7ZDWmmG99m8IrtBY6mka0jl1CFcagyvawjO1ORa645/bKXHUOgsEdCsvRcuAe8VmANpGLtqnIEzki8P/IiZfwQbHndVxfkwENMHFcLULQnwxKRZA4PS7PkmSkkjy++u2d/F6SWv500ytoVaEQgRKlLfEv8Vps3XxAmJ1DL6eFaMfeC24iftwm6S/IxPbwTudyhSqQXURLIflw6qYlvyS+y+BKc/uPO0YCfTLCxzgVPUMDxKWDECKpcaN1XwucVVZvIDWvE/WQ0IipIKZYExmK+f5aUZbJUCxFtFdAsy1yQlkXPZ6vo8nhB+/ocexlQJtmo2kN8K/PdspBw0=**</wsse:BinarySecurityToken>
   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-8">
      <ds:SignedInfo>
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsa ns soap" />
         </ds:CanonicalizationMethod>
         <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
         <ds:Reference URI="#id-3">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ns" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**lFnegWV52e3LoBj3jNxW84oR5tU=**</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#id-4">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ns" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**Mvnq3Ms+cExBf1pfBeqNJLM+XEk=**</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#id-5">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ns" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**7ktvKkcQQqOm/Uk2cnFg30f9m/A=**</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#id-6">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ns" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**D2SnlCJRWR+F95gdjoK42ZI0D98=**</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#TS-1">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse wsa ns soap" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>bsXg0RlneSpwynQ6czGW0nZ3tb4=</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#id-7">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ns" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**PjApypt2lSmahivJ0oCNKiud4p4=**</ds:DigestValue>
         </ds:Reference>
         <ds:Reference URI="#UsernameToken-2">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsa ns soap" />
               </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>**bR63weD24Ab0ddtBIt/RVeGSt1g=**</ds:DigestValue>
         </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>**idE8pmhmkjY9c6ultBUrXSTukHfvjhiRdvEDViVIROyEgLE3lweNrtAvyLjalxrLJUGQWu63uvqM 9u4TFAi/moY7SeuLsb8Xd86hEAWWPkp061+Kpg5dV+17N8yDOfNx6wG0WQzchHzCzOKaceuqphQN aM92Qg8MVUsond9mkdI=**</ds:SignatureValue>
      <ds:KeyInfo Id="KI-536E4AA6BF962CA97613699845428202">
         <wsse:SecurityTokenReference wsu:Id="STR-536E4AA6BF962CA97613699845428213">
            <wsse:Reference URI="#X509-536E4AA6BF962CA97613699845428011" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
         </wsse:SecurityTokenReference>
      </ds:KeyInfo>
   </ds:Signature>
   <wsse:UsernameToken wsu:Id="UsernameToken-2">
      <wsse:Username>username</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
   </wsse:UsernameToken>
   <wsu:Timestamp wsu:Id="TS-1">
      <wsu:Created>2013-05-31T07:15:42.305Z</wsu:Created>
      <wsu:Expires>2013-05-31T10:02:22.305Z</wsu:Expires>
   </wsu:Timestamp>
</wsse:Security>

Answer 1

请让我问 - 这些哈希是什么，我能得到它们吗？（它们在代码中用** **“突出显示”）

这些是SHA1摘要值，您通常可以使用例如如果您使用.NET框架，请使用以下方法：

System.Security.Cryptography.SHA1CryptoServiceProvider.ComputeHash(byte[] dataBytesToHash)

但是，在您的情况下，因为这是WS-Security SOAP消息，您不必“手动”计算这些摘要值，请在此处查看可以找到解决任务所需的所有信息的位置：

WS-Security using the ASMX file in ASP.NET 3.5

SOAP安全标头 - 证书？

1 个答案: